RIM has announced a new BlackBerry Attachment Service PDF Distiller File Parsing Vulnerability for it's BlackBerry Enterprise Server. This vulnerability could inject malicious code into an affected system after the launching of an infected PDF file. Since the PDF would be crafted with the malicious code it would also likely require the use of Phishing or targeted Phishing in order to successfully infect a system.
This is not the first one that we have seen but this time it was very easy to fix and does not really disrupt service during the patching. The process is very simple and should be done immediately. Use the link below to download and follow their instructions. But basically you download a few dll files, un-register the old, over write them with the new, and re-register them. Easy Stuff!
BlackBerry Enterprise Server
BlacBerry Unite was also affected by this.
BlackBerry Attachment Service for BlackBerry Unite
Posted by
Mike Wright
